Protected WLAN (802.11 and hidden SSID)

Rick Stevens ricks at nerd.com
Mon May 23 16:02:26 UTC 2011 

On 05/23/2011 08:03 AM, Genes MailLists wrote:
>  (sorry I lost the threading info ... )
> 
>> Time Smith wrote:
> 
>> Late to the party, but just for useful information, disabling SSID
>> broadcast is NOT a violation of of 802.11 :-) It's mandatory to put
>> the SSID information element in your beacons, but there's nothing
>> that says you have to tell the truth, and likewise no explicit
>> prohibition against including multiple SSID
> 
> 
>   Thanks for clarifying - I suppose this is the relevant section (8.4.2
> in 802.11i):
> 
>>> The STA’s IEEE 802.11 management entity shall utilize the
> MLME-SCAN.request primitive to identify
>> neighboring STAs that assert robust security and advertise an SSID identifying an authorized ESS or IBSS.
>> A STA may decline to communicate with STAs that fail to advertise an RSN information element in their
>> Beacon and Probe Response frames or that do not advertise an authorized SSID. A STA may also decline to
>> communicate with other STAs that do not advertise authorized authentication and cipher suites within their
>> RSN information elements.
>>
>> A STA shall advertise the same RSN information element in both its Beacon and Probe Response frames.
>>
> 
>   Kinda reads like in fact it does require the beacon to tell the truth
> ... and therefore that the SSID must indeed be in beacon and be the same
> as in the probe response ... but perhaps others can parse this document
> better than me .. :-)

Actually it reads to me as though it can use the MLME-SCAN stuff to
identify STAs that _DO_ assert robust security and advertise their
SSID. I don't read it to say you _HAVE_ to advertise your SSID.

"I'm not a lawyer and I've never played one on TV..."
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, C2 Hosting          ricks at nerd.com -
- AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
-                                                                    -
-  Any sufficiently advanced technology is indistinguishable from a  -
-                              rigged demo.                          -
----------------------------------------------------------------------

More information about the users mailing list